| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <cbd84ca9-4337-658e-d834-25943f5f3753@c-s.fr>
Date: Wed, 28 Nov 2018 10:46:21 +0100
From: Christophe LEROY <christophe.leroy@....fr>
To: Russell Currey <ruscur@...sell.cc>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Paul Mackerras <paulus@...ba.org>,
Michael Ellerman <mpe@...erman.id.au>
Cc: linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v2 07/11] powerpc/mm/radix: Use KUEP API for Radix MMU
Sorry, I forgot to reset the author so the patch appears as coming from
yourself.
Le 28/11/2018 à 10:27, Russell Currey a écrit :
> Execution protection already exists on radix, this just refactors
> the radix init to provide the KUEP setup function instead.
>
> Thus, the only functional change is that it can now be disabled.
>
> Signed-off-by: Russell Currey <ruscur@...sell.cc>
> Signed-off-by: Christophe Leroy <christophe.leroy@....fr>
> ---
> arch/powerpc/mm/pgtable-radix.c | 9 ++++++---
> arch/powerpc/platforms/Kconfig.cputype | 1 +
> 2 files changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/arch/powerpc/mm/pgtable-radix.c b/arch/powerpc/mm/pgtable-radix.c
> index 931156069a81..45aa9e501e76 100644
> --- a/arch/powerpc/mm/pgtable-radix.c
> +++ b/arch/powerpc/mm/pgtable-radix.c
> @@ -535,8 +535,13 @@ static void radix_init_amor(void)
> mtspr(SPRN_AMOR, (3ul << 62));
> }
>
> -static void radix_init_iamr(void)
> +void setup_kuep(bool disabled)
> {
> + if (disabled)
> + return;
> +
> + pr_info("Activating Kernel Userspace Execution Prevention\n");
> +
> /*
> * Radix always uses key0 of the IAMR to determine if an access is
> * allowed. We set bit 0 (IBM bit 1) of key0, to prevent instruction
> @@ -605,7 +610,6 @@ void __init radix__early_init_mmu(void)
>
> memblock_set_current_limit(MEMBLOCK_ALLOC_ANYWHERE);
>
> - radix_init_iamr();
> radix_init_pgtable();
> /* Switch to the guard PID before turning on MMU */
> radix__switch_mmu_context(NULL, &init_mm);
> @@ -627,7 +631,6 @@ void radix__early_init_mmu_secondary(void)
> __pa(partition_tb) | (PATB_SIZE_SHIFT - 12));
> radix_init_amor();
> }
> - radix_init_iamr();
>
> radix__switch_mmu_context(NULL, &init_mm);
> if (cpu_has_feature(CPU_FTR_HVMODE))
> diff --git a/arch/powerpc/platforms/Kconfig.cputype b/arch/powerpc/platforms/Kconfig.cputype
> index a20669a9ec13..e6831d0ec159 100644
> --- a/arch/powerpc/platforms/Kconfig.cputype
> +++ b/arch/powerpc/platforms/Kconfig.cputype
> @@ -334,6 +334,7 @@ config PPC_RADIX_MMU
> bool "Radix MMU Support"
> depends on PPC_BOOK3S_64
> select ARCH_HAS_GIGANTIC_PAGE if (MEMORY_ISOLATION && COMPACTION) || CMA
> + select PPC_HAVE_KUEP
> default y
> help
> Enable support for the Power ISA 3.0 Radix style MMU. Currently this
>
Powered by blists - more mailing lists